Four of the new controls help harden and reduce the attack surface and help mitigate exploits. These new controls include the following:
1. Data Execution Prevention (DEP) support for Office applications A hardware and software technology that helps harden the attack surface by preventing viruses and worms that exploit buffer overflow vulnerabilities from running.
2. Office File Validation A software component that helps reduce the attack surface by identifying files that do not follow a valid file format definition.
3. Expanded file block settings Settings managed in the Trust Center and through Group Policy that help reduce the attack surface by providing more specific control over the file types that an application can access.
4. Protected View A feature that helps mitigate attacks by enabling users to preview untrusted or potentially harmful files in a sandbox environment.
Office 2010 - New Security Features
http://blogs.pcmag.com/securitywatch/20 ... e_2010.php
Office 2010 - Technet Security Home (numerous links)
http://technet.microsoft.com/en-us/libr ... 79135.aspx
Office 2010 - Security Overview
http://technet.microsoft.com/en-us/libr ... 79050.aspx
MVP (Enterprise Security), ISLA-2010 (ISC)², C|EH, C|HFI, CCNA, MCP,
Certified ISO 27001:2005 Lead Auditor
[b]There are 3 roads to spoil; women, gambling & hacking. The most pleasant with women, the quickest with gambling, but the surest is hacking - c0c0n